Running Cells as a service with SystemdCreated on 2020/07/01,
When deployed in production environment, we generally advise to run Pydio Cells as a systemd service.
This configuration assumes that you have followed our recommended best practices during installation process, see our detailed installation guides. Adapt to your specific setup if necessary.
Thus you have:
- the downloaded binary at
pydiouser that has correct rights on
/opt/pydio(read and execute) and
pydiouser has only
sudopermission to execute the setcap command. Typically on Linux, do:
echo "pydio ALL=(ALL) NOPASSWD: /sbin/setcap 'cap_net_bind_service=+ep' /opt/pydio/bin/cells" | sudo tee -a /etc/sudoers.d/pydio
Create a new
/etc/systemd/system/cells.service file with following content:
[Unit] Description=Pydio Cells Documentation=https://pydio.com Wants=network-online.target After=network-online.target AssertFileIsExecutable=/opt/pydio/bin/cells [Service] WorkingDirectory=/tmp/cells User=pydio Group=pydio PermissionsStartOnly=true ExecStartPre=/usr/bin/sudo /sbin/setcap 'cap_net_bind_service=+ep' /opt/pydio/bin/cells ExecStart=/opt/pydio/bin/cells start Restart=on-failure StandardOutput=journal StandardError=inherit LimitNOFILE=65536 TimeoutStopSec=5 KillSignal=INT SendSIGKILL=yes SuccessExitStatus=0 # Add environment variables Environment=PYDIO_LOGS_LEVEL=production Environment=CELLS_WORKING_DIR=/var/cells Environment=PYDIO_ENABLE_METRICS=false [Install] WantedBy=multi-user.target
Then, enable and start the service:
sudo systemctl enable cells sudo systemctl start cells
With the above configuration, Pydio Cells logs in rolling text files of 10MB under
<CELLS_WORKING_DIR>/logs/ folder. Typically, on Linux:
tail -200f /var/cells/logs/cells.log
It is worth noting that logs are also outputed to the systemd standard loging system so that you can also see them with e.g.:
sudo journalctl -f -u cells --since "1 hour ago"
Systemd working directory
In the above file, we also overwrite the default systemd configuration for the working directory by using:
... [Service] WorkingDirectory=/tmp/cells ...
Thus the current directory for the various processes that are launched by the app is
/tmp/cells, that we find safer than the default location that is usually the home directory of the user that runs the app.
Please note that this directory must exist and be writable before launching the application.
If it is not the case, the system fails to start with a message that can be quite cryptic for people that are not systemd fluent:
... code=exited, status=200/CHDIR ...